Post on 12-Nov-2014
description
transcript
A Seminar on
Data Security, Privacy and Other Applications in Emerging Body Area Networks
Narayana VinayakB080015EC
Layout of the Seminar Goals Introduction Typical Applications Research Challenges Data Security and Privacy Models Proposed
GoalsUnderstanding BANsAppreciating their ‘potency’Being aware of their current applications Understanding the challenges on the
horizonUnderstanding models proposed for data
security in BANs
Introduction
Definition by IEEE: “A communication standard optimized for low power devices for their operation on, in or around the human body (but not limited to humans) to serve a variety of applications including medical, consumer electronics or personal entertainment and other.”
Source: IEEE 802.15
Typical Applications
Source: M. Patel and J. Wang, “Applications, Challenges, And Prospective In Emerging Body Area Networking
Technologies,” IEEE Wireless Communications, Feb. 2010
Layout
Source: M. Li and W. Lou, “Data Security And Privacy In Wireless Body Area Networks,” IEEE Wireless
Communications, Feb. 2010
Relevance
* Ageing population; sedentary lifestyle
* WHO stats:
# Diabetics-360 million by 2030
# >2.3 bn. people obese by 2015
# rise in neuro-degenerative diseases
* Fragile healthcare system, rising medical costs
* Shortage of trained health staff in third world
Realisation
Strategically placed wearable or implanted sensor nodes Job: sample, process and transmit vital signsWhat signs?
Heart rate, blood pressure, temperature, pH, respiration etc.
Where to? To a hospital, clinic or a central repository of medical data
How?• A gateway device (e.g., a cell phone or a PDA) is used as a
gateway device to connect to infrastructure networks like WLAN, WPAN etc.
Source: Mark A. Hanson et al., “Body Area Sensor Networks: Challenges and Opportunities,” Computer, Jan. 2009
UsesAlerting the patient via SMS, alarm or reminder messagesClose-loop bio-feedback: if high sugar-level, a device
triggers an insulin pump to inject a dose of insulin (artificial pancreas)
Long-term medical trend analysisReduction in hospital staysRegulation of treatment regimesEssence: Offering a paradigm shift from managing
ILLNESS to managing WELLNESS by focusing on prevention and early detection (pre-emptive defence!)
Research Challenges
1. Frequency Band Selection:1. Most BAN devices need global operability
2. Facility for low-power usage (less crowded)
3. Less stringent rules for flexible usage and adaptability
4. Solutions proposed: Opening up the 2360-2400 MHz spectrum near ISM for medical BANs and allocating up to 24 MHz in the 413-457 MHz range for medical micropower network
2. Antenna Design:1. Restrictions on size, material and shape of antenna
2. Hostile RF environment due to changes in wearer’s age, weight changes and posture changes
3. During implants only non-corrosive and bio-compatible material can be used: Platinum or Titanium (both poor) against the usual copper
Source: M. Patel and J. Wang, “Applications, Challenges, And Prospective In Emerging Body Area Networking Technologies,” IEEE Wireless Communications,
Feb. 2010
3. PHY Protocol Design:1. Minimize power consumption
2. Solution: Quick turn-around from transmit to receive and fast wake-up from sleep mode
3. Seamless connectivity in dynamic environments
4. Energy-Efficient Hardware:1. Today’s wireless technologies draw relatively high peak current
2. Also rely on duty cycling between sleep and active
3. Solution: Operation on low peak pulse-discharge current from thin-film (paper) batteries, idle listening, developing a crystal-less radio*
* Reference: F. Sebastiano et al., “Impulse Based Scheme for crystal-less ULP Radios”, Proc. IEEE ISCAS, May 2008, pp. 1508-1511.
5. Technical Requirements:1. Wide variation in data rate, BER, delay tolerance, duty cycle and
lifetime
2. Diverse application environments
Source: M. Patel and J. Wang, “Applications, Challenges, And Prospective In Emerging Body Area Networking Technologies,” IEEE Wireless
Communications, Feb. 2010
Source: M. Patel and J. Wang, IEEE Wireless Communications, Feb. 2010
Candidate Technologies
Source: M. Patel and J. Wang, “Applications, Challenges, And Prospective In Emerging Body Area Networking Technologies,” IEEE Wireless Communications,
Feb. 2010
Entities Involved in Research
The IEEE 802.15.6 Task Group is developing the first industrial standard for the Physical and MAC layers for BAN (done, Feb. 2011)
Major competition: ZigBee and Bluetooth.
Holistic standardization needed for plug-and-play interoperability
ISO/IEEE 11073 Personal Health Data Working Group: Standardization of data exchange between peripheral area network devices and gateway devices
application
transport
network
link
physical
Source: M. Patel and J. Wang, “Applications, Challenges, And Prospective In Emerging Body Area
Networking Technologies,” IEEE Wireless Communications, Feb. 2010
Data Security and PrivacyData Security: Data is securely stored and transferredData Privacy: Data can be used only by authorized peopleApplication scenario:
◦ Emergency; paramedic reads RFID* tag to get the patient’s medical records and his profile.
◦ WBAN is set up with wearable sensors
◦ Nurse reads health data from WBAN and uploads data onto local network
◦ Patient’s gateway device is configured with an Access Policy (AP) that grants access to records (also adapts automatically)
◦ Patient can adjust his AP to hide sensitive data
* Radio Frequency Identification is a standard technology that uses Radio waves to sense the details of an object for tracking. It uses RFID tags for this purpose.
Threats Faced by Data within BAN:◦ Threat from Device Compromise (encrypted data and key in same
node)
◦ Threat from Network Dynamics (fake nodes masquerade real ones)
Storage Security Requirements:◦ Confidentiality
◦ Dynamic Integrity Assurance
◦ Dependability
Access Security Requirements:◦ Access Control (privacy; Fine-Grained)
◦ Accountability
◦ Revocability
◦ Non-Repudiation
Other Requirements:◦ Authentication
◦ Availability
◦ Security-Safety, Security-Efficiency and Security-Usability conflict resolution
Source: M. Li and W. Lou, “Data Security And Privacy In Wireless Body Area Networks,” IEEE Wireless Communications, Feb. 2010
The above Access Policy reads: “allow access by a doctor from the surgery department but not Dr. X, or an analyst or a paramedic, or a nurse who is not an intern.”
Models ProposedSecure and Dependable Data Storage Schemes:
1. Based on Redundant Residue Number System (RRNS)1. Proposed by Chessa et al.
2. Method: A number representable on a set of h moduli is represented by h + r moduli, where the extra r moduli are redundant
3. Source Node S distributes a single file F among n other nodes, where n=h + r is a random pick
4. S computes F’s residue vector and distributes each file share to a different storage node
5. Pros.: Erasure tolerance is s<=r and corruption tolerance is ceil((r-s)/2)
6. Cons.: Set of moduli can be very large, data integrity not ensured when number of errors is more than r.
2. Based on Erasure Coding1. Proposed by Wang et al.
2. Original encrypted data is broken down into n data shares, with each of them made of a block generated from (n,k) erasure coding and a share of the secret key using (n,k) secret sharing
3. These data shares are then distributed among the n neighbouring nodes
4. Dynamic Integrity Check: Each storage node computes and broadcasts an algebraic signature on one data share; one node checks its signature against those by other nodes to detect alterations timely
5. Pros.: Data confidentiality, dependability and dynamic integrity achieved simultaneously
6. Cons.: No third party (say, the local server) can perform integrity checks.
3. Based on Constant Data Motion method1. Proposed by Pietro et al.
2. Idea: Move the data from one sensor node to the next so as to make it hard for the cracker to ‘track’ and ‘catch’ the data
3. Found to be very efficient (high data survival probability)
4. Cons.: High communication and storage overhead; less practical in energy-strained environments
4. Attribute Based Encryption (ABE)1. Proposed by Li et al.
2. Specifically called the Ciphertext Policy ABE (CP-ABE)
3. Perfectly matches the model of Role-Based Access Control (RBAC)
4. Each user has a set of roles; patient chooses which roles to grant access to.
5. When a node in WBAN generates data, the AP is built into the Ciphertext; splitting a secret among components belonging to different user attributes; randomized to prevent user-collusion
6. Effectively implements fine-grained access control
Physiological Signal-based Key Agreement (PSKA): Proposed by Ayan Banerjee et al. Requires no a priori deployment of keying material or
initialization Inspiration: Dynamic and complex nature of human
physiological signals Design goals met:
◦ Length and randomness
◦ Low latency
◦ Distinctiveness
◦ Temporal variance
Signal used: Electrocardiogram (EKG) commonly
Method used:
Cons.: It may correct a few differences in feature vectors but can’t handle the reordering of or presence of additional feature vectors; solution: fuzzy vault
Fuzzy VaultGenerate a v-th order polynomial p over the variable x that
encodes the secret SCompute the value of the polynomial at different x from
the set A (at the transmitter) and create a set R= {a, p(a)}
Add randomly generated set of points called chaff to R, which don’t lie on the polynomial; we call R as the vault
To unlock the vault using set B (at the receiver), construct a set Q (see example given overleaf)
Unlocking is possible only if Q has a significant number of legitimate (non-chaff) points that are on the polynomial
Mapping to PSKA: Features at sender are set to A and those at the receiver, in set B
Example
Consider the polynomial: p(x) = x + 1; A = {1, 2, 3}; B = {1, 3, 4}
Now, vault R is created by computing the polynomial’s value at each point in A and adding chaff-points
So, R = { (1, 2)(2, 3)(3, 4)(4, 7)(6, 9)(7, 12)(8, 5) }
The last four points are chaff-points
To unlock the vault, the set Q is constructed,
Q = { (1, 2)(3, 4)(4, 7) }
As the set Q has two points on the polynomial, we can use it to reconstruct the first-order polynomial, and thus, unlock the secret
Major ReferencesM. Patel and J. Wang, “Applications, Challenges, And
Prospective In Emerging Body Area Networking Technologies,” IEEE Wireless Communications, Feb. 2010, pp. 80-88
A. Banerjee et al., “PSKA: Usable and Secure Key Agreement Scheme for Body Area Networks,” IEEE Transactions On Information Technology In Biomedicine, Jan. 2010, pp. 60-68
M. Li and W. Lou, “Data Security And Privacy In Wireless Body Area Networks,” IEEE Wireless Communications, Feb. 2010, pp. 51-58
Others: Cited in the Report
Thanks a lot!